C-Command Software Forum

Need Help Fixing "Randomized" Spam UserName and Domain Name Filtering?

First, let me say that I am using Outlook 2016 on a Mac book Pro with OS X 10.10.5. I have trained spamsieve manually as explained in the manual. I am having problems with both very creative ways for “spamvertisers” to avoid spamsieve’s filters, and, an apparent error in spamsieve’s functionality.

Spam originators are employing Random user names and domain names in their addresses which renders spamsieve’s Address filtering virtually ineffective.

This is what a small portion of the rules looked like this morning.

Note that the random username and Random portion of the domain makes the address totally unique. All by itself, this would make the address filter useless the filter was made less “choosy”.

Note that the random address parts have been removed, the criteria is changed to “contains” and duplicate rules for the same generic domain have been disabled (then later removed to keep the number of rules lower.) It seems to me that this should make it difficult for advertisers to “slip through” multiple spams on the same “generisized” domain. This seems to be largely defeated by the spam–generators’ changing the generic part of the domain multiple times a day :frowning: so that I get three or four spams from one generic domain and then later on get the same spams from a different domain.
My attempt to help with at least from a portion of the spam onslaught was to genericize the Name portion of the message as was done with the domain portion. Additionally, I notice that almost every message I got whose domain ended in “.info” was spam, so I’ve made a rule to kill anything coming in with that ending.
With all these “clever” rules in effect, still no filtering occurs whatsoever (zero hits on ALL 350+filters).
I have checked both the white list and the blocked list and removed a few mistakes. The Bayesian classifier doesn’t seem to work since there is a huge similarity/overlap between many spam messages.

I would greatly appreciate anyone’s suggestions as to what I have done wrong or what I can do to make this work. Thanks.

If spam is getting through to your inbox, the first step should always be to check this page. Since you said that there is no filtering whatsoever, that probably indicates a setup problem rather than an issue with SpamSieve’s actual filtering. Are you aware that Outlook 2016 works very differently with SpamSieve compared with previous versions?

Secondly, it should almost never be necessary to manually tune SpamSieve’s blocklist as you describe. The Bayesian classifier should catch those messages automatically. If you think you need to edit the blocklist, you should first check the log to see what is actually happening.

Still being “Spammed to Death” :frowning:

Thanks for the response Michael

I had read virtually all of the material in the Help and Manual regarding my problem before I posted. I have gone through it all again, just to make sure. The only area that is a bit confusing is reading the log for errors. I’m not always sure what the entries mean, so the log is only slightly helpful. I would be happy to send in the log and screenies of various preferences, if that would help diagnose my situation; just tell me what to send.

Thanks again,
Randy

Which one of the Outlook 2016 workarounds are you using? Or are you manually filtering the messages using the “SpamSieve - Move If Spam” command?

Please see this page.

I used “SpamSieve - Move If Spam” command once during setup. Otherwise, I have been removing spam using the “… Train as spam” command. Should I be using the “Move…” command each time instead? I have around 400 Manually trained messages / rules now. If I use the "… Move If Spam” method, do I select ALL of the new / unread messages?

Michael

I just tried selecting some test messages and using the “…Move If Spam” command. It looks like that was the problem - great call; and thank you very much.

RandyJ

Yes, unless you’ve set up the Outlook - Filter Mailboxes script to do the filtering automatically.

Yes.